NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

Today we are releasing updates to NGINX Open Source and NGINX Plus in response to the vulnerabilities recently discovered in the HTTP/2 protocol. We strongly recommend upgrading all systems that have HTTP/2 enabled.

In May 2019, researchers at Netflix discovered a number of security vulnerabilities in several HTTP/2 server implementations. These were responsibly reported to each of the vendors and maintainers concerned. NGINX was vulnerable to three attack vectors, as detailed in the following CVEs:

We have addressed these vulnerabilities, and added other HTTP/2 security safeguards, in the following NGINX versions:

  • NGINX 1.16.1 (stable)
  • NGINX 1.17.3 (mainline)
  • NGINX Plus R18 P1

The post NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities appeared first on NGINX.

Source: NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

About KENNETH 12094 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.